Disappeared News

Tuesday, September 28, 2010

Seriously. The FBI is asking for surveillance powers that will compromise personal and corporate security for any user of the Internet. That could kill the golden goose of the US economy.

Let me take you back to days of yore, when dinosaur mainframes roamed the corporate world. It was truly the iron age of computing.

Companies each had their own computer, large or small. No one worked from home because the computers were not equipped with communications capabilities. They were very secure, vulnerable mainly to employee theft of information. And that was tough, because data was kept on large reels of tape.

Intruders were kept out the old-fashioned way—by security guards.

Then came data lines, teletypes and 110 baud modems. At 10 characters per second, someone could access their mainframe from a branch office.

The advent of time-sharing services, led by General Electric, brought a huge evolutionary leap. As these mainframes developed, they became amazingly secure. Ford, GM and Chrysler could be running programs in the same machine and there was no chance that they could see the data from any other user. Up to approximately 600 users could run in one mainframe.

The security was enforced by the hardware. No program could read or write to any area of disk or memory the way our modern PCs permit. No virus could infect one of those computers, at least nothing that would travel from one user to another.

Jumping forward to the present, “cloud computing” resembles those time-sharing systems in many ways. Given any old underpowered netbook or cheap Linux machine, a user can store data in the “cloud” and even run wholly cloud-based applications. The computer power is no longer in that box on your desk, it’s somewhere “out there.”

Now comes the FBI, wanting to destroy the security that makes the cloud work.

They propose that encrypted data no longer be protected. They want to be given the master keys to read it. How long do you think it will be before someone quits the FBI and takes along a CD with some keys on it? Or, given the general incompetence of government, how long before some high school kid in Asia figures how to get the keys?

The FBI wants companies that exchange data even within the same corporation to allow interception of data transmissions. Yes.

Foreign companies transmitting data must establish a US presence to allow for decryption of the transmissions.

Bottom line, the FBI would have the key to read your data. And if, as is likely, foreign governments exact the same local presence requirements as the US would, then your data could be downloaded overseas and you wouldn’t even know it. Once a master key system is set up, security is compromised for everyone.

Probably the only way to protect corporate or private data would be to disconnect. It would be back to the bad old days of individual corporate computer systems. Oh, we’d have to print our data, get into a taxi, and take it to the head office where someone would put it into their computer. Or carry disks or CDs or the like.

It would be medieval. Here’s an illustration about how things used to be when there was no data transmission.

The Obama administration intends to introduce legislation to allow the FBI the powers described and perhaps other intrusion powers.

I keep asking myself, “whose side is he on?” Alienating his voter base is one thing, but alienating his corporate funders could be tragic to his plans for re-election. Could corporations not fully understand what could happen if this goes through?